The present invention relates to a cryptographic system including a computer whose program memory is programmed for processing information according to a reversible encoding-decoding process, which process includes at least two permutations in opposite directions to each other, the information to be processed comprising "p" bits to be permuted, each permutation being predefined by a definition table stored in an area of the program memory, said definition table comprising "p" table positions, each table position containing, for each of the "p" bits to be permuted respectively, an indicator value to directly indicate the new location of an associated bit after permutation, such that on the one hand each indicator value is, "a pointer to" a table position and on the other hand each table position is, "point at by" an indicator value of the table.
Encoding-decoding systems are used to ensure the security of the storage and/or the transmission of information which must remain confidential both for the sender, the encoder, and for the addressee, the decoder. The principle of security depends on the fact that an encoded information is, a priori, incomprehensible and useless to a person who is not authorized and does not know the key.
The encoding-decoding technique consists in defining an algorithmic process for processing confidential information. Presently known data processing means have become more and more complex because the speed of data processing enables a more complex authorized encoding-decoding process than with other means. On the other hand a non-authorized person is capable of using data processing for rapidly carrying out multiple deciphering attempts with the objective of reconstituting the encoded information.
A cryptographic process including two mutually inverse permutations is described in the publication "Advances in Cryptology, Proceedings of Crypto 83, Edited by David Chaum, University of California, Santa Barbara, Calif." particularly pages 171 to 202 "Analytical Characteristics of the DES" by Marc Davio et al. A relevant process is described in page 189 and the following pages; for more information on cryptography, this publication also includes a large bibliography, pages 199 to 202.
In a computer a cryptographic process is embodied in a program whose execution requires known resources such as the instruction set of the computer, registers, the random access memory, the read only memory; these resources are also used by other programs, for example by the programs which use, or even which create in clear, the confidential information.
Because of the complexity of the processes, the data processing resources necessary for their execution have become very large such that, despite all the attention which has been given to this problem, certain computers, particularly microcomputers, do not have a sufficient capacity to be able to include a decoding process.
A typical example of this regrettable situation is the memory card; the memory card together with its memory card reader is today a standardized product comprising a microcomputer of relatively limited capacity; for banking applications of the memory card it has not yet been possible to have an encoding procedure embodied in the memory of the card; because of this, the encoding can only be carried out in the memory card reader which raises problems of security during the transmission of information between the reader and the card itself.
The object of the present invention is to overcome this disadvantage by considerably reducing the data processing resources necessary for the execution of a cryptographic process in such a way that the said process can be included in a (micro) computer of limited capacity, without substantially increasing the duration of its execution by so doing.